SecurityScorecard 2025 Global Third-Party Breach Report Reveals Surge in Vendor-Driven Attacks
Post Content
-
-
Malaysia PM Refuses to Pay $10M Ransomware Demand
The attack hit the Kuala Lumpur airport over the weekend, and it remains unclear who the threat actors are and what kind of information they may have stolen.
-
-
Navigating Cyber-Risks and New Defenses
Digital transformation has revolutionized industries with critical infrastructure — but it has also introduced new vulnerabilities.
-
Researchers Uncover 46 Critical Flaws in Solar Inverters From Sungrow, Growatt, and SMA
Cybersecurity researchers have disclosed 46 new security flaws in products from three solar inverter vendors, Sungrow, Growatt, and SMA, that could be exploited by a bad actor to seize control of devices or execute code remotely, posing severe risks to electrical grids. The vulnerabilities have been collectively codenamed SUN:DOWN by Forescout Vedere Labs. “The new…
-
Researchers Uncover 46 Critical Flaws in Solar Inverters From Sungrow, Growatt, and SMA
Cybersecurity researchers have disclosed 46 new security flaws in products from three solar inverter vendors, Sungrow, Growatt, and SMA, that could be exploited by a bad actor to seize control of devices or execute code remotely, posing severe risks to electrical grids. The vulnerabilities have been collectively codenamed SUN:DOWN by Forescout Vedere Labs. “The new…
-
CoffeeLoader Uses GPU-Based Armoury Packer to Evade EDR and Antivirus Detection
Cybersecurity researchers are calling attention to a new sophisticated malware called CoffeeLoader that’s designed to download and execute secondary payloads. The malware, according to Zscaler ThreatLabz, shares behavioral similarities with another known malware loader known as SmokeLoader. “The purpose of the malware is to download and execute second-stage payloads while evading
-
Product Walkthrough: How Datto BCDR Delivers Unstoppable Business Continuity
Long gone are the days when a simple backup in a data center was enough to keep a business secure. While backups store information, they do not guarantee business continuity during a crisis. With IT disasters far too common and downtime burning through budgets, modern IT environments require solutions that go beyond storage and enable…
-
PJobRAT Malware Campaign Targeted Taiwanese Users via Fake Chat Apps
An Android malware family previously observed targeting Indian military personnel has been linked to a new campaign likely aimed at users in Taiwan under the guise of chat apps. “PJobRAT can steal SMS messages, phone contacts, device and app information, documents, and media files from infected Android devices,” Sophos security researcher Pankaj Kohli said in…
-
Stealing user credentials with evilginx
A malevolent mutation of the widely used nginx web server facilitates Adversary-in-the-Middle action, but there’s hope